From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefano Brivio <sbrivio@redhat.com>
To: passt-dev@passt.top
Subject: [PATCH 02/16] passt: Ignoring number of bytes read, CWE-252
Date: Tue, 05 Apr 2022 19:05:00 +0200
Message-ID: <20220405170514.2963773-3-sbrivio@redhat.com>
In-Reply-To: <20220405170514.2963773-1-sbrivio@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7350007087673614361=="

--===============7350007087673614361==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

Harmless, assuming sane kernel behaviour. Reported by Coverity.

Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com>
---
 passt.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/passt.c b/passt.c
index c469fe8..06c3d73 100644
--- a/passt.c
+++ b/passt.c
@@ -195,6 +195,7 @@ static void seccomp(const struct ctx *c)
  */
 static void check_root(void)
 {
+	const char root_uid_map[] = "         0          0 4294967295";
 	struct passwd *pw;
 	char buf[BUFSIZ];
 	int fd;
@@ -205,8 +206,8 @@ static void check_root(void)
 	if ((fd = open("/proc/self/uid_map", O_RDONLY | O_CLOEXEC)) < 0)
 		return;
 
-	if (read(fd, buf, BUFSIZ) > 0 &&
-	    strcmp(buf, "         0          0 4294967295")) {
+	if (read(fd, buf, BUFSIZ) != sizeof(root_uid_map) ||
+	    strncmp(buf, root_uid_map, sizeof(root_uid_map) - 1)) {
 		close(fd);
 		return;
 	}
-- 
2.35.1


--===============7350007087673614361==--